Insider Threat Data Analyst

Job Expired

About the job

Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management, and wealth management services. The Firm’s employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices. As a market leader, the talent and passion of our people are critical to our success. Together, we share a common set of values rooted in integrity, excellence and a strong team ethic. Morgan Stanley can provide a superior foundation for building a professional career – a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.

Technology works as a strategic partner with Morgan Stanley business units and the world’s leading technology companies to redefine how we do business in ever more global, complex, and dynamic financial markets. Morgan Stanley’s sizeable investment in technology results in quantitative trading systems, cutting-edge modeling and simulation software, comprehensive risk and security systems, and robust client-relationship capabilities, plus the worldwide infrastructure that forms the backbone of these systems and tools. Our insights, our applications and infrastructure give a competitive edge to clients’ businesses—and to our own.

Morgan Stanley is looking for an Insider Threat Analytic Developer to join the firm’s Information Security Incident Management and Investigations (ISIMI) team. The global Analytic team has members in key geographical locations who perform big data analysis to identify indicators of potentially malicious insiders within the Firm’s network and develop enterprise-scale analytics to proactively alert on future occurrences.

Primary Responsibilities

  • Perform big data analysis to identify indicators of potentially malicious insider activity within the Firm’s network
  • Interact with stakeholders and leadership teams as part of the analytic development lifecycle
  • Improve the accuracy of detections through continuous improvement and false positive feedback loops
  • Work with security partners to understand controls and propose preventative/monitoring measures as appropriate
  • Maintain knowledge of technologies and the threat landscape.
  • Assist outside core business hours during an emergency, critical, or large-scale analytic outage.

Candidates should have a genuine interest in cyber security/insider threat and a good understanding of the techniques and procedures of insiders. This role requires a detail-oriented critical thinker who can anticipate issues and solve problems. Candidates should be able to analyze large datasets to detect underlying patterns to drive analytic development.

Required Skills

  • Experience with or within a Security Analysis and Incident Response function.
  • Excellent writing and presentation skills are required in order to communicate findings, recommendations, and status of analytic development.
  • Ability to work with customers, gather requirements and distill them into complete solutions.
  • Detailed understanding of security architecture principles and best practices.
  • Experience working with large data sets specifically focused on Cyber Security.
  • Ability to develop and maintain professional contacts in the security community.

Desired Skills

  • Scripting (Python, BASH, Perl, or PowerShell), coding, or other development experience.
  • Experience in Splunk usage or administration.
  • Practitioner experience with analyzing host, file, or network-based logs to filter known versus unknown with a goal of finding malicious activity.
  • Industry certifications: GCIH, CISSP, GCFA, or other related certifications.
  • Experience in the financial industry.
  • General understanding and experience with Data Science techniques and approaches.

Posting Date

Apr 1, 2022

Primary Location

Americas-United States of America-Georgia-Alpharetta

Education Level

Bachelor’s Degree


Threat Management

Employment Type

Full Time

Job Level

